1.

Solve : some1 says i am infected?

Answer»

Yes, I'm on Firefox now, thx. OK, now I just got a bubble that said taking out memory, and I tried to download Ad-Aware AE and it said I don't have enough memory. I used defragmenter and it said I have 63% storage not used. My firewall has been deleted; I'm messed right up. My log files for AntiVir Personal:

Avira AntiVir Personal
Report file date: Monday, January 19, 2009 03:46

Scanning for 1038808 virus strains and unwanted programs.

Licensed to: Avira AntiVir PersonalEdition Classic
Serial number: 0000149996-ADJIE-0001
Platform: Windows XP
Windows version: (plain) [5.1.2600]
BOOT mode: Normally booted
Username: SYSTEM
COMPUTER name: SERVER

Version information:
BUILD.DAT : 8.2.0.337 16934 Bytes 11/18/2008 13:05:00
AVSCAN.EXE : 8.1.4.10 315649 Bytes 11/18/2008 17:21:26
AVSCAN.DLL : 8.1.4.0 40705 Bytes 5/26/2008 16:56:40
LUKE.DLL : 8.1.4.5 164097 Bytes 6/12/2008 21:44:19
LUKERES.DLL : 8.1.4.0 12033 Bytes 5/26/2008 16:58:52
ANTIVIR0.VDF : 7.1.0.0 15603712 Bytes 10/27/2008 20:30:36
ANTIVIR1.VDF : 7.1.0.56 411136 Bytes 11/9/2008 01:57:13
ANTIVIR2.VDF : 7.1.0.89 221184 Bytes 11/16/2008 01:16:47
ANTIVIR3.VDF : 7.1.0.97 45056 Bytes 11/17/2008 01:38:59
Engineversion : 8.2.0.31
AEVDF.DLL : 8.1.0.6 102772 Bytes 10/14/2008 19:05:56
AESCRIPT.DLL : 8.1.1.15 332156 Bytes 11/11/2008 23:00:07
AESCN.DLL : 8.1.1.5 123251 Bytes 11/8/2008 00:06:41
AERDL.DLL : 8.1.1.3 438645 Bytes 11/4/2008 22:58:38
AEPACK.DLL : 8.1.3.4 393591 Bytes 11/11/2008 18:41:39
AEOFFICE.DLL : 8.1.0.30 196986 Bytes 11/8/2008 00:06:41
AEHEUR.DLL : 8.1.0.71 1487222 Bytes 11/8/2008 00:06:41
AEHELP.DLL : 8.1.1.3 119157 Bytes 11/8/2008 00:06:41
AEGEN.DLL : 8.1.1.0 319859 Bytes 11/8/2008 00:06:41
AEEMU.DLL : 8.1.0.9 393588 Bytes 10/14/2008 19:05:56
AECORE.DLL : 8.1.4.1 172405 Bytes 11/8/2008 00:06:41
AEBB.DLL : 8.1.0.3 53618 Bytes 10/14/2008 19:05:56
AVWINLL.DLL : 1.0.0.12 15105 Bytes 7/9/2008 17:40:05
AVPREF.DLL : 8.0.2.0 38657 Bytes 5/16/2008 18:28:01
AVREP.DLL : 8.0.0.2 98344 Bytes 7/31/2008 21:02:15
AVREG.DLL : 8.0.0.1 33537 Bytes 5/9/2008 20:26:40
AVARKT.DLL : 1.0.0.23 307457 Bytes 2/12/2008 17:29:23
AVEVTLOG.DLL : 8.0.0.16 119041 Bytes 6/12/2008 21:27:49
SQLITE3.DLL : 3.3.17.1 339968 Bytes 1/23/2008 02:28:02
SMTPLIB.DLL : 1.2.0.23 28929 Bytes 6/12/2008 21:49:40
NETNT.DLL : 8.0.0.1 7937 Bytes 1/25/2008 21:05:10
RCIMAGE.DLL : 8.0.0.51 2371841 Bytes 6/12/2008 22:48:07
RCTEXT.DLL : 8.0.52.0 86273 Bytes 6/27/2008 22:34:37

Configuration settings for the scan:
Jobname..........................: Complete system scan
Configuration file...............: c:\program files\avira\antivir personaledition classic\sysscan.avp
Logging..........................: low
Primary action...................: interactive
Secondary action.................: ignore
Scan master boot sector..........: on
Scan boot sector.................: on
Boot sectors.....................: C:,
Process scan.....................: on
Scan registry....................: on
Search for rootkits..............: off
Scan all files...................: Intelligent file selection
Scan archives....................: on
Recursion depth..................: 20
Smart extensions.................: on
Macro heuristic..................: on
File heuristic...................: medium
Start of the scan: Monday, January 19, 2009 03:46

The scan of running processes will be started
Scan process 'PokerStarsUpdate.exe' - '1' Module(s) have been scanned
Scan process 'avscan.exe' - '1' Module(s) have been scanned
Scan process 'avcenter.exe' - '1' Module(s) have been scanned
Scan process 'WgaTray.exe' - '1' Module(s) have been scanned
Scan process 'Kodak Software Updater.exe' - '1' Module(s) have been scanned
Scan process 'EasyShare.exe' - '1' Module(s) have been scanned
Scan process 'GoogleToolbarNotifier.exe' - '1' Module(s) have been scanned
Scan process 'lxdnmsdmon.exe' - '1' Module(s) have been scanned
Scan process 'msnmsgr.exe' - '1' Module(s) have been scanned
Scan process 'avgnt.exe' - '1' Module(s) have been scanned
Scan process 'lxdnmon.exe' - '1' Module(s) have been scanned
Scan process 'jusched.exe' - '1' Module(s) have been scanned
Scan process 'avgcc.exe' - '1' Module(s) have been scanned
Scan process 'explorer.exe' - '1' Module(s) have been scanned
Scan process 'svchost.exe' - '1' Module(s) have been scanned
Scan process 'tcpsvcs.exe' - '1' Module(s) have been scanned
Scan process 'lxdncoms.exe' - '1' Module(s) have been scanned
Scan process 'lxdnserv.exe' - '1' Module(s) have been scanned
Scan process 'jqs.exe' - '1' Module(s) have been scanned
Scan process 'avgemc.exe' - '1' Module(s) have been scanned
Scan process 'avgupsvc.exe' - '1' Module(s) have been scanned
Scan process 'avgamsvr.exe' - '1' Module(s) have been scanned
Scan process 'avguard.exe' - '1' Module(s) have been scanned
Scan process 'alg.exe' - '1' Module(s) have been scanned
Scan process 'sched.exe' - '1' Module(s) have been scanned
Scan process 'spoolsv.exe' - '1' Module(s) have been scanned
Scan process 'svchost.exe' - '1' Module(s) have been scanned
Scan process 'svchost.exe' - '1' Module(s) have been scanned
Scan process 'svchost.exe' - '1' Module(s) have been scanned
Scan process 'svchost.exe' - '1' Module(s) have been scanned
Scan process 'lsass.exe' - '1' Module(s) have been scanned
Scan process 'services.exe' - '1' Module(s) have been scanned
Scan process 'winlogon.exe' - '1' Module(s) have been scanned
Scan process 'csrss.exe' - '1' Module(s) have been scanned
Scan process 'smss.exe' - '1' Module(s) have been scanned
35 processes with 35 modules were scanned

cont...

Starting master boot sector scan:
Master boot sector HD0
[INFO] No virus was found!

Start scanning boot sectors:
Boot sector 'C:\'
[INFO] No virus was found!

Starting to scan the registry.
The registry was scanned ( '60' files ).


Starting the file scan:

Begin scan in 'C:\'
C:\pagefile.sys
[WARNING] The file could not be opened!
C:\$VAULT$.AVG\00000001.FIL

  • Archive TYPE: HIDDEN

--> FIL\\\?\C:\$VAULT$.AVG\00000001.FIL
[DETECTION] Contains recognition PATTERN of the WORM/Lovsan.F.1 worm
[NOTE] The file was moved to '49a46878.qua'!
C:\Documents and Settings\server\Local Settings\Temp\62888679.exe
[DETECTION] Is the TR/Crypt.XPACK.Gen Trojan
[NOTE] The file was moved to '49ac6a72.qua'!
C:\Documents and Settings\server\Local Settings\Temp\63252812.exe
[DETECTION] Is the TR/Crypt.XPACK.Gen Trojan
[NOTE] The file was moved to '49a66a7b.qua'!
C:\WINDOWS\$NtUninstallKB828741$\catsrv.dll
[WARNING] The file could not be opened!
C:\WINDOWS\$NtUninstallKB828741$\catsrvut.dll
[WARNING] The file could not be opened!
C:\WINDOWS\$NtUninstallKB828741$\clbcatex.dll
[WARNING] The file could not be opened!
C:\WINDOWS\$NtUninstallKB828741$\clbcatq.dll
[WARNING] The file could not be opened!
C:\WINDOWS\$NtUninstallKB828741$\colbact.dll
[WARNING] The file could not be opened!
C:\WINDOWS\$NtUninstallKB828741$\comadmin.dll
[WARNING] The file could not be opened!
C:\WINDOWS\$NtUninstallKB828741$\comrepl.exe
[WARNING] The file could not be opened!
C:\WINDOWS\$NtUninstallKB828741$\comsvcs.dll
[WARNING] The file could not be opened!
C:\WINDOWS\$NtUninstallKB828741$\comuid.dll
[WARNING] The file could not be opened!
C:\WINDOWS\$NtUninstallKB828741$\es.dll
[WARNING] The file could not be opened!
C:\WINDOWS\$NtUninstallKB828741$\migregdb.exe
[WARNING] The file could not be opened!
C:\WINDOWS\$NtUninstallKB828741$\msdtcprx.dll
[WARNING] The file could not be opened!
C:\WINDOWS\$NtUninstallKB828741$\msdtctm.dll
[WARNING] The file could not be opened!
C:\WINDOWS\$NtUninstallKB828741$\msdtcuiu.dll
[WARNING] The file could not be opened!
C:\WINDOWS\$NtUninstallKB828741$\mtxclu.dll
[WARNING] The file could not be opened!
C:\WINDOWS\$NtUninstallKB828741$\mtxoci.dll
[WARNING] The file could not be opened!
C:\WINDOWS\$NtUninstallKB828741$\ole32.dll
[WARNING] The file could not be opened!
C:\WINDOWS\$NtUninstallKB828741$\rpcrt4.dll
[WARNING] The file could not be opened!
C:\WINDOWS\$NtUninstallKB828741$\rpcss.dll
[WARNING] The file could not be opened!
C:\WINDOWS\$NtUninstallKB828741$\txflog.dll
[WARNING] The file could not be opened!
C:\WINDOWS\$NtUninstallKB833987$\sxs.dll
[WARNING] The file could not be opened!
C:\WINDOWS\$NtUninstallKB835732$\browser.dll
[WARNING] The file could not be opened!
C:\WINDOWS\$NtUninstallKB835732$\callcont.dll
[WARNING] The file could not be opened!
C:\WINDOWS\$NtUninstallKB835732$\cmdevtgprov.dll
[WARNING] The file could not be opened!
C:\WINDOWS\$NtUninstallKB835732$\evtgprov.dll
[WARNING] The file could not be opened!
C:\WINDOWS\$NtUninstallKB835732$\gdi32.dll
[WARNING] The file could not be opened!
C:\WINDOWS\$NtUninstallKB835732$\h323msp.dll
[WARNING] The file could not be opened!
C:\WINDOWS\$NtUninstallKB835732$\helpctr.exe
[WARNING] The file could not be opened!
C:\WINDOWS\$NtUninstallKB835732$\ipnathlp.dll
[WARNING] The file could not be opened!
C:\WINDOWS\$NtUninstallKB835732$\lsasrv.dll
[WARNING] The file could not be opened!
C:\WINDOWS\$NtUninstallKB835732$\mf3216.dll
[WARNING] The file could not be opened!
C:\WINDOWS\$NtUninstallKB835732$\msasn1.dll
[WARNING] The file could not be opened!
C:\WINDOWS\$NtUninstallKB835732$\msgina.dll
[WARNING] The file could not be opened!
C:\WINDOWS\$NtUninstallKB835732$\mst120.dll
[WARNING] The file could not be opened!
C:\WINDOWS\$NtUninstallKB835732$\netapi32.dll
[WARNING] The file could not be opened!
C:\WINDOWS\$NtUninstallKB835732$\nmcom.dll
[WARNING] The file could not be opened!
C:\WINDOWS\$NtUninstallKB835732$\rtcdll.dll
[WARNING] The file could not be opened!
C:\WINDOWS\$NtUninstallKB835732$\schannel.dll
[WARNING] The file could not be opened!
C:\WINDOWS\Downloaded Program Files\start.INF
[DETECTION] Is the TR/Dagonit.INF Trojan
[NOTE] The file was moved to '49d57627.qua'!
C:\WINDOWS\system32\components\flx1.dll
[DETECTION] Is the TR/Dropper.Gen Trojan
[NOTE] The file was moved to '49ec7b4a.qua'!
C:\WINDOWS\system32\components\flx10.dll
[DETECTION] Is the TR/Dropper.Gen Trojan
[NOTE] The file was moved to '49ec7b51.qua'!
C:\WINDOWS\system32\components\flx11.dll
[DETECTION] Is the TR/Dropper.Gen Trojan
[NOTE] The file was moved to '49ec7b55.qua'!
C:\WINDOWS\system32\components\flx12.dll
[DETECTION] Is the TR/Dropper.Gen Trojan
[NOTE] The file was moved to '49ec7b58.qua'!
C:\WINDOWS\system32\components\flx13.dll
[DETECTION] Is the TR/Dropper.Gen Trojan
[NOTE] The file was moved to '49ec7b5b.qua'!
C:\WINDOWS\system32\components\flx14.dll
[DETECTION] Is the TR/Dropper.Gen Trojan
[NOTE] The file was moved to '49ec7b5e.qua'!
C:\WINDOWS\system32\components\flx15.dll
[DETECTION] Is the TR/Dropper.Gen Trojan
[NOTE] The file was moved to '49ec7b61.qua'!
C:\WINDOWS\system32\components\flx16.dll
[DETECTION] Is the TR/Dropper.Gen Trojan
[NOTE] The file was moved to '49ec7b63.qua'!
C:\WINDOWS\system32\components\flx17.dll
[DETECTION] Is the TR/Dropper.Gen Trojan
[NOTE] The file was moved to '49ec7b65.qua'!
C:\WINDOWS\system32\components\flx18.dll
[DETECTION] Is the TR/Dropper.Gen Trojan
[NOTE] The file was moved to '49ec7b67.qua'!
C:\WINDOWS\system32\components\flx19.dll
[DETECTION] Is the TR/Dropper.Gen Trojan
[NOTE] The file was moved to '49ec7b69.qua'!
C:\WINDOWS\system32\components\flx2.dll
[DETECTION] Is the TR/Dropper.Gen Trojan
[NOTE] The file was moved to '49ec7b6b.qua'!
C:\WINDOWS\system32\components\flx20.dll
[DETECTION] Is the TR/Dropper.Gen Trojan
[NOTE] The file was moved to '49ec7b6e.qua'!
C:\WINDOWS\system32\components\flx21.dll
[DETECTION] Is the TR/Dropper.Gen Trojan
[NOTE] The file was moved to '49ec7b6f.qua'!
C:\WINDOWS\system32\components\flx22.dll
[DETECTION] Is the TR/Dropper.Gen Trojan
[NOTE] The file was moved to '49ec7b72.qua'!
C:\WINDOWS\system32\components\flx23.dll
[DETECTION] Is the TR/Dropper.Gen Trojan
[NOTE] The file was moved to '49ec7b74.qua'!
C:\WINDOWS\system32\components\flx24.dll
[DETECTION] Is the TR/Dropper.Gen Trojan
[NOTE] The file was moved to '49ec7b76.qua'!
C:\WINDOWS\system32\components\flx25.dll
[DETECTION] Is the TR/Dropper.Gen Trojan
[NOTE] The file was moved to '49ec7b78.qua'!
C:\WINDOWS\system32\components\flx26.dll
[DETECTION] Is the TR/Dropper.Gen Trojan
[NOTE] The file was moved to '49ec7b7a.qua'!
C:\WINDOWS\system32\components\flx27.dll
[DETECTION] Is the TR/Dropper.Gen Trojan
[NOTE] The file was moved to '49ec7b7c.qua'!
C:\WINDOWS\system32\components\flx28.dll
[DETECTION] Is the TR/Dropper.Gen Trojan
[NOTE] The file was moved to '49ec7b7e.qua'!
C:\WINDOWS\system32\components\flx29.dll
[DETECTION] Is the TR/Dropper.Gen Trojan
[NOTE] The file was moved to '49ec7b80.qua'!
C:\WINDOWS\system32\components\flx3.dll
[DETECTION] Is the TR/Dropper.Gen Trojan
[NOTE] The file was moved to '49ec7b83.qua'!
C:\WINDOWS\system32\components\flx30.dll
[DETECTION] Is the TR/Dropper.Gen Trojan
[NOTE] The file was moved to '49ec7b85.qua'!
C:\WINDOWS\system32\components\flx32.dll
[DETECTION] Is the TR/Dropper.Gen Trojan
[NOTE] The file was moved to '49ec7b8b.qua'!
C:\WINDOWS\system32\components\flx33.dll
[DETECTION] Is the TR/Dropper.Gen Trojan
[NOTE] The file was moved to '49ec7b8c.qua'!
C:\WINDOWS\system32\components\flx34.dll
[DETECTION] Is the TR/Dropper.Gen Trojan
[NOTE] The file was moved to '48864ecd.qua'!
C:\WINDOWS\system32\components\flx35.dll
[DETECTION] Is the TR/Dropper.Gen Trojan
[NOTE] The file was moved to '49ec7b8d.qua'!
C:\WINDOWS\system32\components\flx36.dll
[DETECTION] Is the TR/Dropper.Gen Trojan
[NOTE] The file was moved to '49ec7b8e.qua'!
C:\WINDOWS\system32\components\flx37.dll
[DETECTION] Is the TR/Dropper.Gen Trojan
[NOTE] The file was moved to '49ec7b8f.qua'!
C:\WINDOWS\system32\components\flx38.dll
[DETECTION] Is the TR/Dropper.Gen Trojan
[NOTE] The file was moved to '49ec7b90.qua'!
C:\WINDOWS\system32\components\flx39.dll
[DETECTION] Is the TR/Dropper.Gen Trojan
[NOTE] The file was moved to '48864ed1.qua'!
C:\WINDOWS\system32\components\flx4.dll
[DETECTION] Is the TR/Dropper.Gen Trojan
[NOTE] The file was moved to '49ec7b92.qua'!
C:\WINDOWS\system32\components\flx40.dll
[DETECTION] Is the TR/Dropper.Gen Trojan
[NOTE] The file was moved to '48864ed3.qua'!
C:\WINDOWS\system32\components\flx41.dll
[DETECTION] Is the TR/Dropper.Gen Trojan
[NOTE] The file was moved to '49ec7b93.qua'!
C:\WINDOWS\system32\components\flx42.dll
[DETECTION] Is the TR/Dropper.Gen Trojan
[NOTE] The file was moved to '49ec7b94.qua'!
C:\WINDOWS\system32\components\flx43.dll
[DETECTION] Is the TR/Dropper.Gen Trojan
[NOTE] The file was moved to '49ec7b95.qua'!
C:\WINDOWS\system32\components\flx44.dll
[DETECTION] Is the TR/Dropper.Gen Trojan
[NOTE] The file was moved to '49ec7b96.qua'!
C:\WINDOWS\system32\components\flx45.dll
[DETECTION] Is the TR/Dropper.Gen Trojan
[NOTE] The file was moved to '48864ed7.qua'!
C:\WINDOWS\system32\components\flx46.dll
[DETECTION] Is the TR/Dropper.Gen Trojan
[NOTE] The file was moved to '49ec7b97.qua'!
C:\WINDOWS\system32\components\flx47.dll
[DETECTION] Is the TR/Dropper.Gen Trojan
[NOTE] The file was moved to '49ec7b98.qua'!
C:\WINDOWS\system32\components\flx48.dll
[DETECTION] Is the TR/Dropper.Gen Trojan
[NOTE] The file was moved to '49ec7b99.qua'!
C:\WINDOWS\system32\components\flx49.dll
[DETECTION] Is the TR/Dropper.Gen Trojan
[NOTE] The file was moved to '49ec7b9a.qua'!
C:\WINDOWS\system32\components\flx5.dll
[DETECTION] Is the TR/Dropper.Gen Trojan
[NOTE] The file was moved to '49ec7b9b.qua'!
C:\WINDOWS\system32\components\flx57.dll
[DETECTION] Is the TR/Dropper.Gen Trojan
[NOTE] The file was moved to '49ec7b9c.qua'!
C:\WINDOWS\system32\components\flx59.dll
[DETECTION] Is the TR/Dropper.Gen Trojan
[NOTE] The file was moved to '49ec7b9d.qua'!
C:\WINDOWS\system32\components\flx61.dll
[DETECTION] Is the TR/Dropper.Gen Trojan
[NOTE] The file was moved to '49ec7b9e.qua'!
C:\WINDOWS\system32\components\flx63.dll
[DETECTION] Is the TR/Dropper.Gen Trojan
[NOTE] The file was moved to '49ec7b9f.qua'!
C:\WINDOWS\system32\components\flx65.dll
[DETECTION] Is the TR/Dropper.Gen Trojan
[NOTE] The file was moved to '49ec7ba0.qua'!
C:\WINDOWS\system32\components\flx67.dll
[DETECTION] Is the TR/Dropper.Gen Trojan
[NOTE] The file was moved to '49ec7ba1.qua'!
C:\WINDOWS\system32\components\flx69.dll
[DETECTION] Is the TR/Dropper.Gen Trojan
[NOTE] The file was moved to '49ec7ba2.qua'!
C:\WINDOWS\system32\components\flx7.dll
[DETECTION] Is the TR/Dropper.Gen Trojan
[NOTE] The file was moved to '49ec7ba3.qua'!
C:\WINDOWS\system32\components\flx70.dll
[DETECTION] Is the TR/Dropper.Gen Trojan
[NOTE] The file was moved to '48864ee4.qua'!
C:\WINDOWS\system32\components\flx72.dll
[DETECTION] Is the TR/Dropper.Gen Trojan
[NOTE] The file was moved to '49ec7ba4.qua'!
C:\WINDOWS\system32\components\flx73.dll
[DETECTION] Is the TR/Dropper.Gen Trojan
[NOTE] The file was moved to '49ec7ba5.qua'!
C:\WINDOWS\system32\components\flx74.dll
[DETECTION] Is the TR/Dropper.Gen Trojan
[NOTE] The file was moved to '49ec7ba6.qua'!
C:\WINDOWS\system32\components\flx8.dll
[DETECTION] Is the TR/Dropper.Gen Trojan
[NOTE] The file was moved to '49ec7ba8.qua'!
C:\WINDOWS\system32\components\flx9.dll
[DETECTION] Is the TR/Dropper.Gen Trojan
[NOTE] The file was moved to '49ec7ba9.qua'!


End of the scan: Monday, January 19, 2009 05:14
Used time: 1:27:53 Hour(s)

The scan has been done completely.

4121 Scanning directories
199174 Files were scanned
62 viruses and/or unwanted programs were found
0 Files were classified as suspicious:
0 files were deleted
0 files were repaired
62 files were moved to quarantine
0 files were renamed
39 Files cannot be scanned
199073 Files not concerned
2170 Archives were scanned
39 WARNINGS
62 Notes

My log for SUPERAntiSpyware...
SUPERAntiSpyware Scan Log
http://www.superantispyware.com

Generated 01/20/2009 at 04:08 PM

Application Version : 4.25.1012

Core Rules Database Version : 3718
Trace Rules Database Version: 1692

Scan type : Quick Scan
Total Scan Time : 00:22:31

Memory items scanned : 603
Memory threats detected : 0
Registry items scanned : 400
Registry threats detected : 16
File items scanned : 4509
File threats detected : 39

Browser Hijacker.BestSafetyGuide
HKLM\Software\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{873eb32d-ae1a-4183-89bd-45a77f761be4}
HKCR\CLSID\{873EB32D-AE1A-4183-89BD-45A77F761BE4}
HKCR\CLSID\{873EB32D-AE1A-4183-89BD-45A77F761BE4}
HKCR\CLSID\{873EB32D-AE1A-4183-89BD-45A77F761BE4}\InprocServer32
HKCR\CLSID\{873EB32D-AE1A-4183-89BD-45A77F761BE4}\InprocServer32#ThreadingModel
C:\WINDOWS\SYSTEM32\IXT0.DLL

Unclassified.Unknown Origin
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\ShellServiceObjectDelayLoad#SystemCheck2
HKCR\CLSID\{54645654-2225-4455-44A1-9F4543D34546}
HKCR\CLSID\{54645654-2225-4455-44A1-9F4543D34546}
HKCR\CLSID\{54645654-2225-4455-44A1-9F4543D34546}\InProcServer32
C:\WINDOWS\SYSTEM32\VBSYS2.DLL

Trojan.Homepage
HKCR\CLSID\{8D83B16E-0DE1-452B-AC52-96EC0B34AA4B}
HKCR\CLSID\{8D83B16E-0DE1-452B-AC52-96EC0B34AA4B}\InprocServer32
HKCR\CLSID\{8D83B16E-0DE1-452B-AC52-96EC0B34AA4B}\InprocServer32#ThreadingModel
HKCR\CLSID\{EDBF1BC8-39AB-48EB-A0A9-C75078EB7C8E}
HKCR\CLSID\{EDBF1BC8-39AB-48EB-A0A9-C75078EB7C8E}\InprocServer32
HKCR\CLSID\{EDBF1BC8-39AB-48EB-A0A9-C75078EB7C8E}\InprocServer32#ThreadingModel

Unclassified.PC MightyMax
HKU\S-1-5-21-1060284298-1078145449-854245398-1003\Software\PC MightyMax
C:\Program Files\PC MightyMax\lic.conf
C:\Program Files\PC MightyMax\lic.dat
C:\Program Files\PC MightyMax\pcdocrx.conf
C:\Program Files\PC MightyMax\tmp_res_x_101.tmp
C:\Program Files\PC MightyMax\tmp_res_x_102.tmp
C:\Program Files\PC MightyMax\tmp_res_x_103.tmp
C:\Program Files\PC MightyMax\tmp_res_x_104.tmp
C:\Program Files\PC MightyMax\tmp_res_x_105.tmp
C:\Program Files\PC MightyMax\tmp_res_x_106.tmp
C:\Program Files\PC MightyMax\tmp_res_x_107.tmp
C:\Program Files\PC MightyMax\tmp_res_x_108.tmp
C:\Program Files\PC MightyMax\tmp_res_x_109.tmp
C:\Program Files\PC MightyMax\tmp_res_x_110.tmp
C:\Program Files\PC MightyMax\tmp_res_x_111.tmp
C:\Program Files\PC MightyMax\tmp_res_x_112.tmp
C:\Program Files\PC MightyMax\tmp_res_x_113.tmp
C:\Program Files\PC MightyMax\tmp_res_x_114.tmp
C:\Program Files\PC MightyMax\tmp_res_x_115.tmp
C:\Program Files\PC MightyMax\tmp_res_x_116.tmp
C:\Program Files\PC MightyMax\tmp_res_x_117.tmp
C:\Program Files\PC MightyMax\tmp_res_x_118.tmp
C:\Program Files\PC MightyMax\tmp_res_x_119.tmp
C:\Program Files\PC MightyMax\tmp_res_x_120.tmp
C:\Program Files\PC MightyMax\tmp_res_x_121.tmp
C:\Program Files\PC MightyMax\tmp_res_x_122.tmp
C:\Program Files\PC MightyMax\tmp_res_x_123.tmp
C:\Program Files\PC MightyMax\tmp_res_x_124.tmp
C:\Program Files\PC MightyMax\tmp_res_x_125.tmp
C:\Program Files\PC MightyMax\undo
C:\Program Files\PC MightyMax

Adware.Tracking Cookie
C:\Documents and Settings\server\Local Settings\Temp\Cookies\[emailprotected][1].txt
C:\Documents and Settings\server\Local Settings\Temp\Cookies\[emailprotected][2].txt
C:\Documents and Settings\server\Local Settings\Temp\Cookies\[emailprotected][2].txt
C:\Documents and Settings\server\Local Settings\Temp\Cookies\[emailprotected][2].txt
C:\Documents and Settings\server\Local Settings\Temp\Cookies\[emailprotected][2].txt
C:\Documents and Settings\server\Local Settings\Temp\Cookies\[emailprotected][2].txt

Malware.SpywareQuake
C:\WINDOWS\TEMP\SABD.EXE

My log for Malwarebytes...
Malwarebytes' Anti-Malware 1.33
Database version: 1673
Windows 5.1.2600

1/20/2009 5:09:22 PM
mbam-log-2009-01-20 (17-09-22).txt

Scan type: Quick Scan
Objects scanned: 53871
Time elapsed: 13 minute(s), 58 second(s)

Memory Processes Infected: 0
Memory Modules Infected: 0
Registry Keys Infected: 8
Registry Values Infected: 1
Registry Data Items Infected: 0
Folders Infected: 3
Files Infected: 6

Memory Processes Infected:
(No malicious items detected)

Memory Modules Infected:
(No malicious items detected)

Registry Keys Infected:
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Active Setup\Installed Components\{2bf41072-b2b1-21c1-b5c1-0305f4155515} (Trojan.Agent) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Code Store Database\Distribution Units\{33331111-1111-1111-1111-611111193423} (Trojan.Clicker) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Code Store Database\Distribution Units\{33331111-1111-1111-1111-611111193429} (Trojan.Clicker) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Code Store Database\Distribution Units\{33331111-1111-1111-1111-615111193427} (Trojan.Clicker) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Code Store Database\Distribution Units\{33331111-1131-1111-1111-611111193428} (Trojan.Clicker) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Code Store Database\Distribution Units\{64311111-1111-1121-1111-111191113457} (Trojan.Clicker) -> Quarantined and deleted successfully.
HKEY_CURRENT_USER\SOFTWARE\AntispywareBot (Rogue.AntiSpywareBot) -> Quarantined and deleted successfully.
HKEY_CURRENT_USER\SOFTWARE\The Weather Channel (Adware.Hotbar) -> Quarantined and deleted successfully.

Registry Values Infected:
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run\AntiSpywareBot (Rogue.AntiSpywareBot) -> Quarantined and deleted successfully.

Registry Data Items Infected:
(No malicious items detected)

Folders Infected:
C:\Documents and Settings\server\Application Data\AntispywareBot (Rogue.AntiSpywareBot) -> Quarantined and deleted successfully.
C:\Documents and Settings\server\Application Data\AntispywareBot\Log (Rogue.AntiSpywareBot) -> Quarantined and deleted successfully.
C:\Documents and Settings\server\Application Data\AntispywareBot\Settings (Rogue.AntiSpywareBot) -> Quarantined and deleted successfully.

Files Infected:
C:\Documents and Settings\server\Application Data\AntispywareBot\rs.dat (Rogue.AntiSpywareBot) -> Quarantined and deleted successfully.
C:\Documents and Settings\server\Application Data\AntispywareBot\Log\2009 Jan 19 - 09_21_42 PM_733.log (Rogue.AntiSpywareBot) -> Quarantined and deleted successfully.
C:\Documents and Settings\server\Application Data\AntispywareBot\Log\2009 Jan 19 - 09_58_08 PM_436.log (Rogue.AntiSpywareBot) -> Quarantined and deleted successfully.
C:\Documents and Settings\server\Application Data\AntispywareBot\Settings\ScanResults.pie (Rogue.AntiSpywareBot) -> Quarantined and deleted successfully.
C:\WINDOWS\Tasks\AntispywareBot Scheduled Scan.job (Rogue.AntiSpywareBot) -> Quarantined and deleted successfully.
C:\WINDOWS\system32\7_exception.nls (Trojan.Tibs) -> Quarantined and deleted successfully.

I am now stuck on the HijackThis; it won't let me copy paste.

Hi, any1 can look at files?

any1 help me

Apologies for this long wait.

We are currently a bit short on Malware Specialists.
Because of this, they are mainly only looking at topics in the Computer Virus and Spyware Section with 0 replies.
I suggest re-posting your problem, along with the logs. (attach them as text files).

